Thursday, May 03, 2007

Anonymous identity

This is interesting because it seems the exact opposite of most use cases in which identity attributes are shared (and those that Liberty ID-WSF has historically focused on). In these use cases, interaction comes first. The user shows up at a service provider and, in order to provide some enhanced level of customization, the service provider seeks to obtain identity. The model is

Interaction --------------> Identity Sharing

I'll argue that current identity systems (OpenID to a lesser extent, albeit not spec'd out) are geared to the latter model, what are the implications of the former?

Au contraire Monsieur Madsoooooon, we considered the both use cases and specifically designed the anonymous release of attributes around the case where the user gave away some bits of information in order to get a better experience at a target entity without giving away their identity nor creating a federation to their identity (which they could, of course, do later if desired).

The common discussion around anonymous identity was, for example, releasing your zip code out of your personal profile to anybody so that when you showed up at a movie web site, they could automatically display the movies that are showing in theaters in your area.

Yeah, well, I would say your model is the same. I interact with and release attributes to the VRM system (and give them permission to match those attributes with other parties that present some set of matching parameters). The VRM system then matches the two of us and voila I get what I was looking for.